4 matches found
CVE-2026-42241
ParquetSharp is a .NET library for reading and writing Apache Parquet files. From version 18.1.0 to before version 23.0.0.1, DecimalConverter.ReadDecimal makes a stackalloc using what might be an attacker-supplied value. If an attacker declares a decimal column with some unreasonable width, this...
CVE-2026-42241
ParquetSharp is a .NET library for reading and writing Apache Parquet files. From version 18.1.0 to before version 23.0.0.1, DecimalConverter.ReadDecimal makes a stackalloc using what might be an attacker-supplied value. If an attacker declares a decimal column with some unreasonable width, this...
Memory Allocation with Excessive Size Value
Overview ParquetSharp is a .NET library for reading and writing Parquet files. Affected versions of this package are vulnerable to Memory Allocation with Excessive Size Value in the DecimalConverter.ReadDecimal function. An attacker can cause a large stackalloc by supplying a Parquet file with a...
PT-2026-37182
Name of the Vulnerable Software and Affected Versions ParquetSharp versions 18.1.0 through 23.0.0 Description ParquetSharp is a .NET library used for reading and writing Apache Parquet files. The ReadDecimal function in DecimalConverter performs a stackalloc operation using a value that can be...